The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
You can deploy a Cisco ICFPP virtual appliance on a system that meets the following requirements:
Cisco ICFPP is a virtual appliance that can be deployed on VMware vSphere Client or OpenStack KVM Hypervisor.
Hypervisor | Version |
---|---|
VMware |
|
VMware vSphere Client |
5.1 (including update 1) and 5.5 |
OpenStack |
|
Red Hat Enterprise Linux OpenStack Platform |
Icehouse |
Ports must be configured as described in the following tables to ensure that Cisco ICFPP can communicate effectively on the internal private network and the public network (Internet).
Protocol |
Port |
Allow / Deny |
Description |
---|---|---|---|
TCP |
443 |
ALLOW |
Allows inbound HTTPS traffic from the Internet so that Cisco Intercloud Fabric for Business can reach Cisco ICFPP. |
Protocol |
Port |
Allow / Deny |
Description |
---|---|---|---|
All |
All |
DENY |
Cisco ICFPP does not need to send outbound traffic to the Internet. |
Protocol |
Port |
Allow / Deny |
Description |
---|---|---|---|
TCP |
443 |
ALLOW |
Allows inbound HTTPS traffic from the internal network, so that the Cisco ICFPP web-based GUI can be accessed. |
TCP |
22 |
ALLOW |
Allows inbound SSH traffic from the internal network for Cisco ICFPP administration. |
TCP |
3306 |
ALLOW |
Allows inbound MySQL traffic from the internal network. Required if Cisco ICFPP is configured in a multiple-node cluster. |
TCP |
8080 |
ALLOW |
Allows inbound HTTP traffic for template uploads to CloudStack. Required if using the CloudStack adapter. |
Note | The ports in the following table must be open on any firewalls on the internal network between Cisco ICFPP and destination systems to ensure that the destination systems receive communications from Cisco ICFPP. |
Protocol |
Firewall Port |
Allow / Deny |
Description |
---|---|---|---|
TCP |
443 |
ALLOW |
Allows HTTPS traffic to the internal network. Required to reach the cloud provider API/SDK gateway if it is running on HTTPS. |
TCP |
80 |
ALLOW |
Allows HTTP traffic to the internal network. Required to reach the cloud provider API/SDK gateway if it is running on HTTP. |
TCP |
3306 |
ALLOW |
Allows outbound MySQL traffic to other Cisco ICFPP nodes on the internal network. Required if Cisco ICFPP is configured in a multiple-node cluster. |
TCP/UDP |
514 |
ALLOW |
Allows syslog traffic from Cisco ICFPP to the syslog server. |
Required Information | Mandatory / Optional | Your Information / Notes |
---|---|---|
For Preinstallation Configuration |
||
Cisco ICFPP image location |
Mandatory |
|
Cisco ICFPP OVA or QCOW2 image name |
Mandatory |
|
VM name |
Mandatory |
|
VMware datastore location |
Mandatory for VMware |
|
Network / Port Profile for VM management |
Mandatory |
|
KVM flavor name |
Mandatory for OpenStack |
|
KVM Instance Security Group |
Mandatory for OpenStack |
|
For Cisco ICFPP Installation |
||
Installation type: Standalone, Primary, or Service Node For OpenStack environments, you can install in Standalone mode only. |
Mandatory |
|
Hostname |
Mandatory |
|
Admin / root / ShellAdmin account password |
Mandatory |
|
Static IP address For OpenStack environments, this must be a public IP address. |
Mandatory |
|
Subnet mask |
Mandatory |
|
Gateway IP address |
Mandatory |
|
Primary node IP address |
Mandatory for service node installations only. |
|
NFS server IP address |
Optional1 |
|
NFS directory to mount |
Optional |
|
Domain name. |
Optional |
|
DNS server IP address |
Mandatory |
|
NTP server IP address or fully qualified domain name (FQDN) |
Mandatory |